Networking & Content Delivery

Tag: AWS PrivateLink

Leveraging AWS PrivateLink for volumetric data processing

AWS PrivateLink provides private, secure connectivity between VPCs, AWS services, and your on-premises networks, without exposing your traffic to the public internet. AWS PrivateLink offers three primary benefits to customers. First, it provides a way for two parties to establish private connectivity without requiring an Internet Gateway (IGW), thereby helping both parties to deploy airtight […]

Scaling network traffic inspection using AWS Gateway Load Balancer

Updated “Cross-zone load balancing and appliance failures” section on 25th March, 2021. Organizations use next-generation firewalls (NGFW) and intrusion prevention systems (IPS) as part of their defense in depth strategy. In an on-premises network, these often take the form of dedicated hardware or software or virtual “appliances.” As companies move to the cloud, they want […]

Hybrid Networking using VPC Endpoints (AWS PrivateLink) and Amazon CloudWatch for Financial Services

Amazon CloudWatch offers a centralized service to collect monitoring and operational data in the form of logs, metrics, and events. This provides a unified view of AWS resources, applications, and services that run on AWS and on-premises servers. When you have Amazon CloudWatch agents running on-premises, the default behavior is to export the collected metrics […]

Centralized logging platform for EC2 instances over AWS PrivateLink

September 8, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. Running enterprise applications and workloads requires visibility and insight. Debugging errors or investigating a security incident in your application across hundreds of log files on hundreds of servers is time-consuming and complicated. A common approach to resolve this […]

Building an egress VPC with AWS Transit Gateway and the AWS CDK

With the introduction of AWS Transit Gateway, it is easier for customers to manage connectivity between many VPCs. Further simplification can be achieved by routing all outbound traffic through one shared egress VPC. This allows re-use of NAT Gateways and can improve overall network design and operational efficiency. This ‘egress VPC’ design pattern is […]

Integrating AWS Transit Gateway with AWS PrivateLink and Amazon Route 53 Resolver

I want to take some time to dive more deeply into a use case outlined in NET301 Best Practices for AWS PrivateLink. The use case involves using AWS Transit Gateway, along with Amazon Route 53 Resolver, to share AWS PrivateLink interface endpoints between multiple connected Amazon virtual private clouds (VPCs) and an on-premises environment. We’ve seen […]

Centralized DNS management of hybrid cloud with Amazon Route 53 and AWS Transit Gateway

A successful hybrid networking strategy goes beyond private network connectivity. It often requires dealing with independent internal zones both in Amazon Virtual Private Cloud (Amazon VPC) and on-premises. Such a strategy needs Domain Name System (DNS) naming that spans the entire network. Typically, this is managed by providing name resolution services in the same place […]

How to securely publish Internet applications at scale using Application Load Balancer and AWS PrivateLink

If you have applications spread across multiple Virtual Private Clouds (VPCs) and want to expose those applications to the Internet, you can choose from different approaches. One option is to give each VPC its own dedicated connectivity to the Internet through an attached Internet gateway. Another approach is to centralize access from the Internet through […]

How to use AWS PrivateLink to secure and scale web filtering using explicit proxy

Many customers use web filtering proxy solutions to monitor and control web traffic from their VPCs. When you have many accounts and VPCs, you will need to deploy multiple stacks of these solutions. This increases the complexity and overhead of managing these solutions. By centralizing the web filtering proxy service, you can easily and securely […]